Jump to content

Recommended Posts

Posted

Group Policy states that automatic updates are DISABLED but it still installed them anyway. It installed the May 2021 cumulative on one of my Server 2019 systems.

image.png.0c9cc04fd5f5b16f16b40d5fe55ec038.png


Posted

You need to dig through the Task Scheduler to find the things that check for updates or turn the disabled options back on. A lot of these tasks are under the SYSTEM or TrustedInstaller security context and/or execute in Session 0, so they are not visible to a regular logged in user, even one in the Administrators group.

Also wanted to add, I have a theory that you could point your computer to a WSUS with no updates in it to prevent updates. :sneaky:

Posted
15 hours ago, Tripredacus said:

 Also wanted to add, I have a theory that you could point your computer to a WSUS with no updates in it to prevent updates. :sneaky:

or set wsus server to anything non existing on gpo. For example stupid.update.stop as wsus server name. It will error out as no connection:lol:. I used it once to stop updates on win10 to one client (was required not to update automatically at any case while still have networking)

  • 8 months later...
  • 2 months later...
Posted

This is what I do when updates are defiantly going on in the background. It prevents the installation of servicing stacks as well. Just keep in mind that you did this so you aren't scratching your head later when updates don't work.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tiworker.exe]
"Debugger"=">nul 2>&1"

 

  • 5 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...